From d2230a42d4cfd85dd698919d2af2b8413d8754ba Mon Sep 17 00:00:00 2001
From: Bernardo Ramos
Date: Wed, 31 Jan 2024 05:26:31 +0000
Subject: [PATCH] fuzzing: fix string value
---
 fuzzing/fuzz_encoder.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/fuzzing/fuzz_encoder.c b/fuzzing/fuzz_encoder.c
index 79012ac..dea288c 100644
--- a/fuzzing/fuzz_encoder.c
+++ b/fuzzing/fuzz_encoder.c
@@ -96,7 +96,8 @@ static binn* create_list(const unsigned char *buf, unsigned int len) {
 // the value can be up to 16-bit size
 if (len < 2) goto done;
 value_size = *(unsigned short*)buf;
- value = (char*)malloc(value_size); // random content
+ value = (char*)malloc(value_size+1); // random content
+ value[value_size] = 0; // null terminator
 binn_list_add_str(list, value);
 free(value);
 buf += 2; len -= 2;
@@ -208,7 +209,8 @@ static binn* create_map(const unsigned char *buf, unsigned int len) {
 // the value can be up to 16-bit size
 if (len < 2) goto done;
 value_size = *(unsigned short*)buf;
- value = (char*)malloc(value_size); // random content
+ value = (char*)malloc(value_size+1); // random content
+ value[value_size] = 0; // null terminator
 binn_map_set_str(map, key, value);
 free(value);
 buf += 2; len -= 2;
@@ -325,7 +327,8 @@ static binn* create_object(const unsigned char *buf, unsigned int len) {
 // the value can be up to 16-bit size
 if (len < 2) goto done;
 value_size = *(unsigned short*)buf;
- value = (char*)malloc(value_size); // random content
+ value = (char*)malloc(value_size+1); // random content
+ value[value_size] = 0; // null terminator
 binn_object_set_str(obj, key, value);
 free(value);
 buf += 2; len -= 2;
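Review bot: The buffer from `malloc(value_size+1)` in the create_list hunk is still uninitialised apart from the new terminator, so `binn_list_add_str` measures a string whose length depends on leftover heap bytes; the create_map and create_object hunks repeat the same pattern. That makes a fuzz case non-reproducible, and a memory sanitizer would likely flag the uninitialised read inside the harness rather than in the encoder under test. The malloc result is also dereferenced without a check, so an allocation failure under a fuzzer memory limit crashes the harness instead of the target. I would add `if (!value) goto done;` and `memset(value, 'A', value_size);` before `value[value_size] = 0;` in all three places, assuming `<string.h>` is included and that jumping to `done` here leaks nothing. Both assumptions need checking because the bodies of all three functions extend outside the hunks.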